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Certificate-based authorization policy in a PKI environment 
Mary R. Thompson, Abdelilah Essiari, Srilekha Mudumbai 

November 2003 ACM Transactions on Information and System Security (TISSEC), 

Volume 6 Issue 4 
Publisher: ACM Press 

Additional Information: full citation , abstract , references , citing s, index 
terms 



Full text available:^ pdf(233.63 KB) 



2 

♦ 



The major emphasis of public key infrastructure has been to provide a cryptographically 
secure means of authenticating identities. However, procedures for authorizing the 
holders of these identities to perform specific actions still need additional research and 
development. While there are a number of proposed standards for authorization 
structures and protocols such as KeyNote, SPKI, and SAML based on X.509 or other key- 
based identities, none have been widely adopted. As part of an effort to us ... 

Keywords: Public key infrastructure, XML, digital certificates 



On secure and pseudonymous client-relationships with multiple servers 

Eran Gabber, Phillip B. Gibbons, David M. Kristol, Yossi Matias, Alain Mayer 

November 1999 ACM Transactions on Information and System Security (TISSEC), 

Volume 2 Issue 4 

Publisher: ACM Press 

Additional Information: full citation , abstract , references , citing s, index 
terms , review 



Full text available: ^pdf d 61 .56 KB ) 



This paper introduces a cryptographic engine, Janus, which assists clients in establishing 
and maintaining secure and pseudonymous relationships with multiple servers. The 
setting is such that clients reside on a particular subnet (e.g., corporate intranet, ISP) and 
the servers reside anywhere on the Internet. The Janus engine allows each client-server 
relationship to use either weak or strong authentication on each interaction. At the same 
time, each interaction preserves privacy by neithe ... 

Keywords: Janus function, anonymity, mailbox, persistent relationship, privacy, 
pseudonym 
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Legand L. Burge, Suleiman Baajun, Moses Garuba 
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March 2001 Proceedings of the 2001 ACM symposium on Applied computing SAC '01 
Publisher: ACM Press 

Full text available: *g| pdf(80.15 KB) Additional Information: full citation , references , index terms 



Keywords: Jini, mobile computing, post-pc, security, wireless 

4 Security in mobile communications: challen g es and o p portunities 
Audun J0sang, Gunnar Sanderud 

January 2003 Proceedings of the Australasian information security workshop 

conference on ACSW frontiers 2003 - Volume 21 ACSW Frontiers '03 

Publisher: Australian Computer Society, Inc. 

Full text available* fg| pdf(117 04 KB) Adcl ' t ' ona ' Information: full citation , abstract , references , citings , index 
* l^M^™* : terms 

The nature of mobile communication, characterised for example by terminals having poor 
user interface and limited processing capacity, as well as complex combination of network 
protocols, makes the design of security solutions particularly challenging. This paper 
discusses some of the difficulties system architects are faced with as well as some 
advantages mobile networks offer when designing security solutions for mobile 
communication. 

Keywords: heterogeneous networks, mobile devices, security, usability 



The state of the art in locally distributed Web-server systems 
Valeria Cardellini, Emiliano Casalicchio, Michele Colajanni, Philip S. Yu 
June 2002 ACM Computing Surveys (CSUR), volume 34 issue 2 

Publisher: ACM Press 

Full text available* fill df(1 41 MB) Additional Information: full citation , abstract , references , citings , index 
' ^ terms 

The overall increase in traffic on the World Wide Web is augmenting user-perceived 
response times from popular Web sites, especially in conjunction with special events. 
System platforms that do not replicate information content cannot provide the needed 
scalability to handle large traffic volumes and to match rapid and dramatic changes in the 
number of clients. The need to improve the performance of Web-based services has 
produced a variety of novel content delivery architectures. This article w ... 

Keywords: Client/server, World Wide Web, cluster-based architectures, dispatching 
algorithms, distributed systems, load balancing, routing mechanisms 



6 Student papers: Securing XML data B 
Jessica Heasley 

October 2004 Proceedings of the 1st annual conference on Information security 
curriculum development InfoSecCD '04 

Publisher: ACM Press 

Full text available: ^|pdf (50.73 KB) Additional Information: full citation , abstract , references , index terms 

XML is becoming one of the most important and widely used data formats. XML data in 
transit over the Internet as well as the data residing on servers must be assessed for XML 
associated security vulnerabilities and be properly secured from malicious XML specific 
attacks. There are several options in implementing XML security devices such as firewalls. 
Users need to understand how XML relates and interacts with Internet applications. 
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A component and communication model for push systems 
Manfred Hauswirth, Mehdi Jazayeri 

October 1999 ACM SIGSOFT Software Engineering Notes , Proceedings of the 7th 
European software engineering conference held jointly with the 7th 
ACM SIGSOFT international symposium on Foundations of software 
engineering ESEC/FSE-7, volume 24 issue 6 

Publisher: Springer-Verlag, ACM Press 

Full text available* fg|pdf (1 50 MB) Additional Information: full citation , abstract , references , citin gs, index 

terms 

We present a communication and component model for push systems. Surprisingly, 
despite the widespread use of many push services on the Internet, no such models exist. 
Our communication model contrasts push systems with client-server and event-based 
systems. Our component model provides a basis for comparison and evaluation of 
different push systems and their design alternatives. We compare several prominent push 
systems using our component model. The component model consists of producers an ... 

A security architecture for computational grids 

Ian Foster, Carl Kesselman, Gene Tsudik, Steven Tuecke 

November 1998 Proceedings of the 5th ACM conference on Computer and 

communications security CCS '98 
Publisher: ACM Press 

Full text available: ^ pdfd .23 MB) Additional Information: full citation , references , citings , index terms 



9 The gatewa y s ystem: uniform Web based access to remote resources Q 
Geoffrey Fox, Tomasz Haupt, Erol Akarsu, Alexey Kalinichenko, Kang-Seok Kim, Praveen 
Sheethalnath, Choon-Han Youn 

June 1999 Proceedings of the ACM 1999 conference on Java Grande JAVA '99 
Publisher: ACM Press 

Full text available: ^ pdf(759.70 KB) Additional Information: full citation , references , citings , index terms 




10 Accounting and management: WilmaGate: a new open access g ateway for hots pot 

^ management 

^ Mauro Brunato, Danilo Severina 

September 2005 Proceedings of the 3rd ACM international workshop on Wireless 
mobile applications and services on WLAN hotspots WMASH '05 

Publisher: ACM Press 

Full text available* Q pdf(206 1 3 KB) Add'*' 003 ' Information: full citation , abstract , references , citings, index 

Wireless access has already become a ubiquitous way to connect to the Internet, but the 
mushrooming of wireless access infrastructures throughout the world has given rise to a 
wide range of user authentication, authorization and accounting (AAA) mechanisms, with 
lots of incompatible "standards", each having its unique features and responding to 
specific problems.The WilmaGate system has been developed in order to provide a viable 
alternative to such a scenario. The assumptions that led to this s ... 

Keywords: access gateways, authentication, authorization, open access networks, 
wireless networks 
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11 Wireless trading in B2B markets: concepts, architecture, and experiences 
Jakka Sairamesh, Ioana Stanoi, Chung-Sheng Li, Brad Topol 

July 2001 Proceedings of the 1st international workshop on Mobile commerce WMC 
•01 

Publisher: ACM Press 

Full text available: Q pdf(534.56 KB) Additional Information: full citation , abstract , references , index term's 

With the tremendous advances in hand-held computing and communication capabilities, 
and the rapid proliferation of mobile devices, we are seeing a growth in mobile commerce 
in various consumer and business markets. In this paper, we present a novel architecture 
for end-to-end mobile commerce applications. We designed, implemented and deployed a 
system for mobile commerce connected to eMarketplaces. The system is currently 
undergoing trials under various configurations and in various countries ... 

Keywords: WAP, architecture, auctions, electronic commerce, mobile commerce, 
performance, state-machines and experimentation, trading, transcoding proxy . 



12 The Satchel system architecture: mobile access to documents and services | 
Mike Flynn, David Pendlebury, Chris Jones, Marge Eldridge, Mik Lamming 

December 2000 Mobile Networks and Applications, volume 5 issue 4 
Publisher: Kluwer Academic Publishers 

Full text available* 153 odf(207 51 KB) Additiona ' Information: full citation , abstract , references , citings, index 
' terms 

Mobile professionals require access to documents and document&dashjrelated services, 
such as printing, wherever they may be. They may also wish to give documents to 
colleagues electronically, as easily as with paper, face&dash;to&dash;face, and with 
similar security characteristics. The Satchel system provides such capabilities in the form 
of a mobile browser, implemented on a device that professional people would be likely to 
carry anyway, such as a pager or mobile phone. Printing may be per ... 

13 Principled desi g n of the modern Web architecture | 
Roy T. Fielding, Richard N. Taylor 

June 2000 Proceedings of the 22nd international conference on Software 
engineering ICSE 'OO 

Publisher: ACM Press 

Full text available* 15lpdf(21 7 34 KB) Additiona ' Information: full citation , abstract , references , citings, index 
• [A|._- = terms 

The World Wide Web has succeeded in large part because its software architecture has 
been designed to meet the needs of an Internet-scale distributed hypermedia system. The 
modern Web architecture emphasizes scalability of component interactions, generality of 
interfaces, independent deployment of components, and intermediary components to 
reduce interaction latency, enforce security, and encapsulate legacy systems. In this 
paper, we introduce the Representational State Tra ... 

Keywords: WWW, software architectural style, software architecture 



14 Computer security: Proxy-based security protocols in networked mobile devices 
^ M. Burnside, D. Clarke, T. Mills, A. Maywah, S. Devadas, R. Rivest 

March 2002 Proceedings of the 2002 ACM symposium on Applied computing SAC '02 

Publisher: ACM Press 
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Full text available: ^ pdf(765.09 KB) Additional Information: full citation , abstract , references , citings , index 

terms 

We describe a resource discovery and communication system designed for security and 
privacy. All objects in the system, e.g., appliances, wearable gadgets, software agents, 
and users have associated trusted software proxies that either run on the appliance 
hardware or on a trusted computer. We describe how security and privacy are enforced 
using two separate protocols: a protocol for secure device-to-proxy communication, and a 
protocol for secure proxy-to-proxy communication. Using two separate ... 

Keywords: authorization, certificate, certificate chain, certificate chain discovery, mobile 
device, pervasive, protocol, proxy, security, ubiquitous, wireless 



15 SNMP throu g h WWW 

Ching-Wun 'Bo' Tsai, Ruay-Shiung 'Bo' Chang 

March 1998 International Journal of Network Management volume 8 issue 2 
Publisher: John Wiley & Sons, Inc. 

Full text available* fi3 pdf(376 25 KB) Additional Information: full citation , abstract , references , citings , index 

terms 

In this article we propose a bilingual agent to accept either SNMP or HTTP commands and 
design several HTML pages to facilitate the task of network management. For network 
elements that support only SNMP, the bilingual agent can act as a proxy, so that the 
traditional SNMP agent can also be queried through the Web browser. © 1998 John Wiley 
& Sons, Ltd. 

16 Internet security: firewalls and beyond 
^ Rolf Oppliger 

May 1997 Communications of the ACM, volume 40 issue 5 
Publisher: ACM Press 

Full text available: ffl pdf(339.15 KB) Additional Information: full citation , references , citings, index terms , 
^ review 



17 New topics: Low-cost communication for rural internet kiosks usin g mechanical 
backhaul 

A. Seth, D. Kroeker, M. Zaharia, S. Guo, S. Keshav 

September 2006 Proceedings of the 12th annual international conference on Mobile 
computing and networking MobiCom '06 

Publisher: ACM Press 

Full text available: ^| pdf(733.95 KB ) Additional Information: full citation , abstract , references , index terms 

Rural kiosks in developing countries provide a variety of services such as birth, marriage, 
and death certificates, electricity bill collection, land records, email services, and 
consulting on medical and agricultural problems. Fundamental to a kiosk's operation is its 
connection to the Internet. Network connectivity today is primarily provided by dialup 
telephone, although Very Small Aperture Terminals (VSAT) or long-distance wireless links 
are also being deployed. These solutions tend to be bo ... 

Keywords: delay tolerant networks, low cost, mechanical back-haul, rural 
communication, system design 
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Steven J. Ross, Jason L Hill, Michael Y. Chen, Anthony D. Joseph, David E. Culler, Eric A. 
Brewer 

October 2002 Mobile Networks and Applications, volume i issue 5 
Publisher: Kluwer Academic Publishers 

Full text available: « pdf(340.33 KB) Additional Information: full citation , abstract, references, citings, index 

terms , review 

The Post-PC revolution is bringing information access to a wide range of devices beyond 
the desktop, such as public kiosks, and mobile devices like cellular telephones, PDAs, and 
voice based vehicle telematics. However, existing deployed Internet services are geared 
toward the secure rich interface of private desktop computers. We propose the use of an 
infrastructure-based secure proxy architecture to bridge the gap between the capabilities 
of Post-PC devices and the requirements of Internet ser ... 

Keywords: internet, middleware, post-PC, security, transcoding 

19 Pa pers from Hotnets-ll: The dark side of the Web: an open proxy's view 
^ Vivek S. Pai, Limin Wang, KyoungSoo Park, Ruoming Pang, Larry Peterson 

V January 2004 ACM SIGCOMM Computer Communication Review, Volume 34 Issue 1 
Publisher: ACM Press 

Full text available:^ ) pdf(102.49 KB) Additional Information: full citation , abstract , references 

With the advent of large-scale, wide-area networking testbeds, researchers can deploy 
long-running services that interact with other resources on the Web. While such 
interaction can easily attract clients and traffic, our experience suggests that projects 
accepting outside input and interacting with outside resources must carefully consider the 
avenues for abuse of such services. The CpDeeN Content Distribution Network, deployed 
on PlanetLab, uses a network of caching Web proxy servers to intell ... 

20 iMobile EE: an enterprise mobile service platform 

Yih-Farn Chen, Huale Huang, Rittwik Jana, Trevor Jim, Matti Hiltunen, Sam John, Serban 
Jora, Radhakrishnan Muthumanickam, Bin Wei 
July 2003 Wireless Networks, volume 9 issue 4 
Publisher: Kluwer Academic Publishers 

Full text available* 13 Ddf(2 90 MB) Additional Information: full citation , abstract , references , citings, index 
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iMobile 1 is an enterprise mobile service platform that allows resource-limited mobile 
devices to communicate with each other and to securely access corporate contents and 
services. The original iMobile architecture consists of devlets that provide protocol 
interfaces to different mobile devices and infolets that access and transcode information 
based on device profiles. iMobile Enterprise Edition (iMobile EE) is a redesign of the 
original iMobile architecture to address the security, ... 

Keywords: content transcoding, middleware, mobile devices, mobile enterprise, mobile 
multimedia services 
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Ian Foster, Carl Kesselman, Gene Tsudik, Steven Tuecke, 
November 1998 Proceedings of the 5th ACM conference on Computer and 

communications security CCS '98 
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Certificate-based authorization policy in a PKI environment 
Mary R. Thompson, Abdelilah Essiari, Srilekha Mudumbai 

November 2003 ACM Transactions on Information and System Security (TISSEC), 

Volume 6 Issue 4 
Publisher: ACM Press 

Full text available* fSl odf(233 63 KB) Additional Information: full citation , abstract , references , citings, index 
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The major emphasis of public key infrastructure has been to provide a cryptographically 
secure means of authenticating identities. However, procedures for authorizing the 
holders of these identities to perform specific actions still need additional research and 
development. While there are a number of proposed standards for authorization 
structures and protocols such as KeyNote, SPKI, and SAML based on X.509 or other key- 
based identities, none have been widely adopted. As part of an effort to us ... 
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October 2002 Mobile Networks and Applications, volume i issue 5 
Publisher: Kluwer Academic Publishers 
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The Post-PC revolution is bringing information access to a wide range of devices beyond 
the desktop, such as public kiosks, and mobile devices like cellular telephones, PDAs, and 
voice based vehicle telematics. However, existing deployed Internet services are geared 
toward the secure rich interface of private desktop computers. We propose the use of an 
infrastructure-based secure proxy architecture to bridge the gap between the capabilities 
of Post-PC devices and the requirements of Internet ser ... 

Keywords: internet, middleware, post-PC, security, transcoding 
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Grid portals are an increasingly popular mechanism for creating customizable, Web-based 
interfaces to Grid services and resources. Due to the powerful, general-purpose nature of 
Grid technology, the security of any portal or entry point to such resources cannot be 
taken lightly. This is particularly true if the portal is running inside of a trusted perimeter, 
such as a Science Gateway running on an SDSC machine for access to the TeraGrid. To 
evaluate the current state of Grid portal security, we ... 

Role-based access control on the web 
Joon S. Park, Ravi Sandhu, Gail-Joon Ahn 

February 2001 ACM Transactions on Information and System Security (TISSEC), volume 

4 Issue 1 
Publisher: ACM Press 

Full text available* IB pdf(331 .03 KB) Additional Information: full citation , abstract , references , citings , index 

terms , review 

Current approaches to access control on the Web servers do not scale to enterprise-wide 
systems because they are mostly based on individual user identities. Hence we were 
motivated by the need to manage and enforce the strong and efficient RBAC access 
control technology in large-scale Web environments. To satisfy this requirement, we 
identify two different architectures for RBAC on the Web, called user-pull and server-pull. 
To demonstrate feasibility, we im ... 

Keywords: WWW security, cookies, digital certificates, role-based access control 
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The service oriented architecture (SOA) is gaining more momentum with the advent of 
network services on the Web. A programmable and machine accessible Web is the vision 
of many,and might represent a step towards the semantic Web. However, security is a 
crucial requirement for the serious usage and adoption of the Web services technology. 
This paper enumerates design goals for an access control model for Web services. It then 
introduces an abstract general model for Web services components, along ... 

Keywords: Web services, XML, access control, security 



8 Security Issues in the ABELS System for Linkin g Distributed Simulations 
G. Ayorkor Mills-Tettey, Linda F. Wilson 

March 2003 Proceedings of the 36th annual symposium on Simulation ANSS '03 
Publisher: IEEE Computer Society 

Full text available: *g| pdf(478.65 KB) Additional Information: full citation , abstract , index terms 

The Agent-Based Environment for Linking Simulations(ABELS) framework is designed to 
allow physically distributedsimulations and other data resources to form a"data cloud" for 
the exchange of information. In particular^ uses a distributed brokering system to 
facilitate dynamiclinkings between independently-designed, autonomous 
participants,without requiring the use of stringent standardsto which participants must 
conform. This paper discussesvarious challenges in developing a security framework ... 



9 Technical Session: Su p porting ubiquitous computing throu g h directory enabled 
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^ Michael Richichi, Paul Coen 

October 2001 Proceedings of the 29th annual ACM SIGUCCS conference on User 

services SIGUCCS '01 
Publisher: ACM Press 

Full text available* fiS Ddft285 27 KB) Additional Information: full citation , abstract , references , citing s, index 
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Drew has been providing computers to students since 1984. Many universities have 
ubiquitous computing programs where students receive a laptop computer as part of their 
educational package. These programs reduce the dependence on and management issues 
of traditional computer labs, and allow 24x7 computing access to every student at the 
University. Drew also provides Novell Directory Services (NDS) accounts to all of these 
students, and utilizes Novell ZEN works to customize software, personalize ... 

Keywords: LDAP, ZEN works, directory services, eDirectory, laptop programs, 
management, ubiquitous computing 
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Full text available: ^ pdf(145.45 KB) Additional Information: full citation , abstract , references , index terms 

The objective of this paper is to present an economic pricing-based resource management 
technique for Intranets that has the capability of managing Intranet resources from an 
organizational perspective. We discuss the adoption of this pricing scheme at three 
stages: application level, node level, and data-stream level implementations. These three 
levels demonstrate how a pricing based approach can be used with the current technology 
and also be migrated to evolving network architectures such as ... 
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November 2005 Proceedings of the 3rd international workshop on Middleware for 
pervasive and ad-hoc computing MPAC '05 

Publisher: ACM Press 

Full text available:^ pdf(479. 82 KB) Additional Information: full citation , abstract , references , index terms 

This paper outlines the benefits of adopting service-oriented architectures at the level of 
communications between resource-constrained embedded devices. It focuses on the 
usage of the Devices Profile for Web Services as the underpinning of such architectures 
for "smart" devices and discusses an early implementation thereof. It further illustrates 
how "dumb" or "legacy" devices can be integrated using a gatewaying approach. 

Keywords: communication infrastructure, device networking, service-oriented 
architecture, web service 
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March 2004 Proceedings of the 6th international conference on Electronic commerce 
ICEC '04 

Publisher: ACM Press 

Full text available: Q pdfH 73.70 KB ) Additional Information: full citation , abstract , references 

An important dimension of mobile computing is the ubiquitous and location-independent 
availability of data. Aggregation is the ability to electronically access and display personal 
account information from disparate sources through a single identity. The client financial 
data is assembled in an organized format providing meaningful summarization and 
analysis. The prevalent methods of aggregation pose issues in information security and 
assurance. Utilizing advances in Internet technology such as ... 
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Publisher: ACM Press 

Full text available: Q pdf(143.26 KB) Additional Information: full citation , abstract , references , index terms 

Porting a complex secure application from one security infrastructure to another is often 
difficult or impractical. Grid security associated with the Globus toolkit is supported by a 
Grid Security Infrastructure (GSI) based on a Public Key Infrastructure where users 
authenticate to the grid using X509 certificates. Kerberos security is based on a trusted 
third party, secret key infrastructure where users authenticate using encrypted tickets. 
However, both GSI and Kerberos provide a Generic Secur ... 
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June 2004 Proceedings of the 41st annual conference on Design automation DAC '04 
Publisher: ACM Press 

Full text available: ^) pdf(494.20 KB) Additional Information: full citation , abstract , references , index terms 

Digital watermarking is a process that embeds an imperceptible signature or watermark in 
a digital file containing audio, image, text or video data. The watermark is later used to 
authenticate the data file and for tamper detection. It is particularly valuable in the use 
and exchange of digital media such as audio and video on emerging handheld devices. 
However, watermarking is computationally expensive and adds to the drain of the 
available energy in handheld devices. We present an approach in ... 

Keywords: handhelds, partitioning, proxy, watermarking 
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There is rapidly increasing interest in Australia in on-line sharing of information stored in 
corporate databases, especially within and between staff of independent government 
agencies. Biological collections databases and population health GIS are good examples of 
the frequent situation where database custodians are looking for dynamic, distributed, 
heterogenous federated information system models for information sharing within loosely 
constituted communities. This paper describes a security m ... 
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Grid technology is increasingly being looked upon as a natural extension of the internet 
for engaging in complex data processing tasks over resources which are distributed across 
the world. Architects and developers employing grid systems must take into consideration 
security implications. Dynamic generation of virtual organizations leads to a synergistic 
picture which has to address security requirements never encountered before. Globus 
toolkit has devised a framework for making secure use of g ... 
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The Secure Electronic Transaction (SET) protocol has been proposed by a consortium of 
credit card companies and software corporations to secure e-commerce transactions. 
When the customer makes a purchase, the SET dual signature guarantees authenticity 
while keeping the customer's account details secret from the merchant and his choice of 
goods secret from the bank.This paper reports the first verification results for the 
complete purchase phase of SET. Using Isabelle and the inductive method, we ... 

Keywords: electronic commerce, formal verification, inductive specifications, isabelle 
proof assistant, security protocols 
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No secure network file system has ever grown to span the Internet. Existing systems all 
lack adequate key management for security at a global scale. Given the diversity of the 
Internet, any particular mechanism a file system employs to manage keys will fail to 
support many types of use. We propose separating key management from file system 
security, letting the world share a single global file system no matter how individuals 
manage keys. We present SFS, a secure file system that avoids internal ... 
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